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AMENDMENTS TO THE CLAIMS 
This listing of claims will replace all prior versions and listings of claims in the 
above-identified application: 

1 . (currently amended) A method for communicating IPSec tunnel packets 
with compressed inner header s, a tunnel header, an IPSec header, an encapsulated 
portion, and an authentication code, the method comprising: 

storing an inner IP header and an inner protocol header from an initial IPSec 
tunnel packet in a context sub-table at a destination tunnel device; 

for a subsequent IPSec tunnel packet, generating at the source tunnel device a 
compressed inner header from the inner protocol header of the subsequent IPSec tunnel 
packet; 

performing a operation on at least one of the compressed inner header, a payload 
field and a padding field of the subsequent IPSec tunnel packet to generate aa the 
encapsulated portion; and 

replacing at least one of the inner IP header, the inner protocol header, the 
payload field and the padding field of the subsequent IP Sec tunnel packet with the 
encapsulated portion to generate an IPSec tunnel packet with compressed inner headers; 

at the destination tunnel device, identifying a security association database entry 
for the tunnel using a security policy index number in the IP Sec header, 

at the destination tunnel device, decrypting the encapsulated portion to 
determine at least one of the compressed inner protocol header and the padding field, the 
padding field including a context sub-table identifier to identifies a context sub-table 
associated with the security association database entry: 

at the destination tunnel device. retrieving_at least one of the inner IP header and 
the inner protocol header for the subsequent IPSec tunnel packet from the context sub- 
table; and • 

recreating the subsequent IPSec tunnel packet using the inner IP header and 
inner protocol header retrieved from the context sub-table . 
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2. (canceled). 

3. (currently amended) The method as claimed in claim [[2]] 1. wherein 
generating the compressed inner header comprises comparing the inner protocol header 
with an inner protocol header of a prior IPSec tunnel packet with full inner headers. 

4. (original) The method as claimed in claim 3 wherein the generating the 
compressed inner header comprises generating a status field to indicate fields of the inner 
protocol header that have changed from the prior IPSec tunnel packet. 

5. (original) The method as claimed in claim 4 further comprising updating 
the inner protocol header in the context sub-table based on information in the compressed 
inner header, and wherein replacing comprises replacing the compressed inner header 
with the inner IP header retrieved from the context sub-table and the updated inner 
protocol header to recreate the IPSec tunnel packet with full inner headers. 

6. (currently amended) A method for conimunicating EPSec tunnel packets 
with compressed inner headers comprising: 

generating a compressed inner header from an inner protocol header of an IPSec 
tunnel packet with full inner headers; 

performing an operation on at least one of the compressed inner header, a 
payload field and a padding field of the IPSec tunnel packet to generate an encapsulated . 
portion; aad 

replacing at least one of an inner IP header, the inner protocol header, the . 
payload field and the padding field of the IPSec tunnel packet with the encapsulated 
portion to generate an IPSec tunnel packet with compressed inner headers; 

performing a second operation on the encapsulated portion of the IPSec tunnel 
packet with compressed irmer headers to determine the compressed inner protocol header 
and the padding field, the padding field including a context sub-table identifier to identify 
a context sub-table; 
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retrieving the inner IP header and the inner protocol header for the IPSec tunnel 
packet from the context sub-table: and 

recreating the IPSec tunnel packet with full inner headers using the IP header 
and inner protocol header retrieved from the context sub-table . 

7. (canceled). 

8. (original) The method as claimed in claim 6 wherein generating the 
compressed inner header comprises comparing the inner protocol header with an inner 
protocol header of a prior IPSec tunnel packet with full inner headers. 

9. (original) The method as claimed in claim 8 wherein the IPSec data 
packet with Ml inner headers has inner headers including the inner protocol header and 
an inner IP header, and wherein generating the compressed inner header includes 
refraining from including information from the inner IP header. 

10. (original) The method as claimed in clam 8 wherein the generating the 
compressed inner header comprises generating a status field to indicated fields of the 
inner protocol header that have changed from the prior IPSec tunnel packet. 

11. (original) The method as claimed in clam 8 wherein the generating the 
compressed inner header comprises including a generation data field in the compressed 
inner header. 

12. (original) The method as claimed in clam 6 wherein performing the 
operation comprises performing either an encryption operation or an authentication 
operation on the compressed inner header, the payload field and the padding field to 
generate the encapsulated portion. 
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13. (original) The method as claimed in claim 6 wherein performing the 
operation comprises adding bits to the padding field prior to performing either the 
encryption operation or the authentication operation. 

14. (currently amended) The method as claimed in claim [[7]] 6 wherein 
performing the second operation on the encapsulated portion comprises either decrypting 
or authenticating the encapsulated portion. 

15. (currently amended) The method as claimed in claim [[7]] 6 wherein 
recreating the IPSec tunnel packet with full inner headers comprises replacing the 
compressed inner header with the inner IP header retrieved from the context sub-table and 
an updated inner protocol header to recreate the IPSec tunnel packet with full inner 
headers, and 

wherein generating the compressed inner header, performing the operation, and 
replacing the inner IP header are performed at a source tunnel device, and wherein 
performing the second operation on the encapsulated portion, retrieving* and replacing the 
compressed inner header are performed at a destination tunnel device. 

16. (original) The method as claimed in claim 15 further comprising: 
sending an initial IPSec tunnel packet with full inner headers from the source 

tunnel device to the destination tunnel device; and 

storing an inner IP header and an inner protocol header of the initial IPSec 
tunnel packet in the context sub-table at the destination tunnel device. 

17. (original) The memod as clarraed ra claim 16 further comprising: 
adding a tunnel header, an PSec header,, and an authentication code to the 

encapsulated portion; and 

sending the IPSec tunnel packet with compressed inner headers from the source 
tunnel device to the destination tunnel device. 
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18. (currently amended) The method as claimed in claim [[7]] 6 further 
comprising reading a portion of a security policy index number contained in an IPSec 
header to determine when an IPSec tunnel packet received at a destination tunnel device 
has compressed inner headers. 

19. (original) The method as claimed in claim 18 wherein reading the portion 
of the security policy index number further comprises reading the portion of the security 
policy index number to determine when the IPSec packet with compressed inner headers 
is a TCP type packet or a non-TCP type packet. 

20. (currently amended) The method as claimed in claim [[7]] 6 further 
comprising reading a portion of a security policy index number contained in the IPSec 
header to identify a key for use in performing a security operation on the encapsulated 
portion of the IPSec tunnel packet with compressed inner headers. 

21. (currently amended) The method as claimed in claim [[7]] 6 further 
comprising reading a portion of a security policy index number contained in the IPSec 
header to identify a security association database entry for an IPSec tunnel between a 
source tunnel device and a destination tunnel device, the security association database 
entry identifying a key for performing a security operation on the encapsulated portion. 

22. (original) The method as claimed in claim 21 wherein the context sub- 
table is one of a plurality of context sub-tables associated with the security association 
database entry, each context sub-table of the plurality being associated with a subnet 
destination tunnel device beyond the destination tunnel device. 

23. (currently amended) The method as claimed in claim [[7]] 6 further 
comprising updating the inner protocol header stored in the context sub-table based on 
information in the compressed inner header, and wherein replacing comprises replacing 
the compressed inner header with the inner IP header retrieved from the context sub-table 
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and the updated inner protocol header to recreate the IPSec tunnel packet with full inner 
headers. 

24. (currently amended) The method as claimed in claim [[7]] 6 further 
comprises reading a tunnel header at a destination tunnel device to determine whether the 
IPSec tunnel packet with compressed headers implements an encapsulating security 
protocol (ESP) or an authentication header (AH) protocol, and 

wherein the security operation includes a decryption when the ESP is 
implemented, and the security operation includes an authentication when the AH protocol 
is implemented. 

25. (original) The method as claimed in claim 24 further comprising: 
reading a portion of a security policy index number contained in the IPSec 

header to identify a security association database entry for an IPSec tunnel between the 
source tunnel device and the destination tunnel device, the security association database 
entry including a flag to indicate when the encapsulated portion is encrypted; and 

refraining from performing the decrypting at the destination tunnel device 
when the flag indicates encryption has not been performed on the encapsulated portion. 

26. (currently amended) A tunnel device for communicating IPSec tunnel 
packets with compressed inner headers, the tunnel device comprising: 

an inner header compressor to £|) generate a compressed inner header from an 
inner protocol header of an IPSec tunnel packet with full inner headers that include an 
inner IP header, (ii) compare the inner protocol header with an inner protocol header of a 
prior IPSec tunnel packet with full inner headers, (iii) refrain from including information 
from the inner IP header, and (W) generate a stutus field to indicate ffc lds nf the imiFx 
protocol header that have changed from the prior IPSec tunnel packet; 

a security processor to perform a security operation on the compressed inner 
header, a payload field and a padding field of the IPSec tunnel packet to generate an 
encapsulated portion; and 
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an P packet processor to replace an inner EP header, the inner protocol header, 
the payload field and the padding field of the IPSec tunnel packet with the encapsulated 
portion to generate an IPSec tunnel packet with compressed inner headers 

wherein a second tunnel device__ performs a security operation on the 
encapsulated portion of the IPSec tunnel packet with compressed inner headers to 
determine the compressed inner protocol header and the padding field, the padding field 
including a context sub-table identifier to identify a context sub-table, retrieves- the inner 
IP header and the inner protocol header for the IPSec tunnel packet from the context sub- 
table, and recreates the IPSec timnel packet with full inner headers using the IP header 
and inner protocol header retrieved from the context sub-table . 

27. (canceled). 

28. (canceled). 

29. (canceled). 

30. (canceled). 

31. (currently amended) A computer readable medium having program 
instructions stored thereon for performing a method of communicating IPSec tunnel 
packets with compressed headers when executed within a digital processing device, the 
method comprising: 

generating a compressed inner header from an inner protocol header of an IPSec 
tunnel packet with full inner headers that include an inner IP header, while refraining 
from including information from the inner IP header : 

comparing the inner protocol header with an inner protocol header of a prior 
IPSec tunnel packet with full inner headers: 

generating a status field to indicate fields of the inner protocol header that have 
changed from the prior IPSec tu nnel packet; 
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performing a security operation on the compressed inner header, a payload field 
and a padding field of the IPSec tunnel packet to generate an encapsulated portion; a»4 

replacing an inner IP header, the inner protocol header, the payload field and the 
padding field of the TP Sec tunnel packet with the encapsulated portion to generate an 
IPSec tunnel packet with compressed inner headers; 

performing a security operation on the encapsulated portion of the IPSec tunnel 
packet with compressed inner headers to determine the compressed inner protocol header 
and the padding field, the padding field including a context sub-table identifier to identify 
a context sub-table: 

retrieving the inner IP header and the inner protocol header for the IPSec tunnel 
packet from the context sub-table: and 

recreating the IPSec tunnel packet with full inner headers using the IP header 
and inner protocol header retrieved from the context sub-table . 

32. (canceled). 

33. (canceled). 

34. (canceled). 

35. (canceled). 

36. (currently amended) The computer readable medium as claimed in claim 
[[35]] 3J. wherein recreating the IPSec tunnel packet with full inner headers comprises 
replacing the compressed inner header with the inner IP header retrieved from the context 
sub-table and an updated inner protocol header to recreate the IPSec tunnel packet with 
full inner headers, and 

wherein generating the compressed inner header, performing the security 
operation and replacing the inner IP header are performed at a source tunnel device, and 
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wherein performing the security operation on the encapsulated portion, retrieving, and 
replacing the compressed inner header are performed at a destination tunnel device. 

37. (original) The computer readable medium as claimed in claim 36 wherein 
the programming instructions further comprise instructions for performing for the method 
which further comprise: 

sending an initial IPSec tunnel packet with full inner headers from the source 
tunnel device to the destination tunnel device; and 

storing an inner IP header and an inner protocol header of the initial EPSec 
runnel packet in the context sub-table at the destination tunnel device. 

38. (original) The computer readable medium as claimed in claim 36 wherein 
the programming instructions further comprise instructions for performing the method 
which further comprise updating the inner protocol header in the context sub-table based 
on information in the compressed inner header, and wherein replacing comprises 
replacing the compressed inner header with the inner IP header retrieved from the context 
sub-table and the updated inner protocol header to recreate the IPSec tunnel packet with 
full inner headers. 
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